Installation

This package can be installed with the go get command:

go get github.com/mattn/go-sqlite3

go-sqlite3 is cgo package.
If you want to build your app using go-sqlite3, you need gcc.
However, after you have built and installed go-sqlite3 with go install github.com/mattn/go-sqlite3 (which requires gcc), you can build your app without relying on gcc in future.

Important: because this is a CGO enabled package you are required to set the environment variable CGO_ENABLED=1 and have a gcc compile present within your path.

When this pragma is on, the SQLITE_MASTER tables in which database can be changed using ordinary UPDATE, INSERT, and DELETE statements. Warning: misuse of this pragma can easily result in a corrupt database file.

DSN Examples

file:test.db?cache=shared&mode=memory

Features

This package allows additional configuration of features available within SQLite3 to be enabled or disabled by golang build constraints also known as build tags.

Usage

If you wish to build this library with additional extensions / features.
Use the following command.

go build --tags "<FEATURE>"

For available features see the extension list.
When using multiple build tags, all the different tags should be space delimted.

Example:

go build --tags "icu json1 fts5 secure_delete"

Feature / Extension List

Extension

Build Tag

Description

Additional Statistics

sqlite_stat4

This option adds additional logic to the ANALYZE command and to the query planner that can help SQLite to chose a better query plan under certain situations. The ANALYZE command is enhanced to collect histogram data from all columns of every index and store that data in the sqlite_stat4 table.

The query planner will then use the histogram data to help it make better index choices. The downside of this compile-time option is that it violates the query planner stability guarantee making it more difficult to ensure consistent performance in mass-produced applications.

SQLITE_ENABLE_STAT4 is an enhancement of SQLITE_ENABLE_STAT3. STAT3 only recorded histogram data for the left-most column of each index whereas the STAT4 enhancement records histogram data from all columns of each index.

The SQLITE_ENABLE_STAT3 compile-time option is a no-op and is ignored if the SQLITE_ENABLE_STAT4 compile-time option is used

Allow URI Authority

sqlite_allow_uri_authority

URI filenames normally throws an error if the authority section is not either empty or "localhost".

However, if SQLite is compiled with the SQLITE_ALLOW_URI_AUTHORITY compile-time option, then the URI is converted into a Uniform Naming Convention (UNC) filename and passed down to the underlying operating system that way

App Armor

sqlite_app_armor

When defined, this C-preprocessor macro activates extra code that attempts to detect misuse of the SQLite API, such as passing in NULL pointers to required parameters or using objects after they have been destroyed.

This macro determines whether enforcement of foreign key constraints is enabled or disabled by default for new database connections.

Each database connection can always turn enforcement of foreign key constraints on and off and run-time using the foreign_keys pragma.

Enforcement of foreign key constraints is normally off by default, but if this compile-time parameter is set to 1, enforcement of foreign key constraints will be on by default

Full Auto Vacuum

sqlite_vacuum_full

Set the default auto vacuum to full

Incremental Auto Vacuum

sqlite_vacuum_incr

Set the default auto vacuum to incremental

Full Text Search Engine

sqlite_fts5

When this option is defined in the amalgamation, versions 5 of the full-text search engine (fts5) is added to the build automatically

International Components for Unicode

sqlite_icu

This option causes the International Components for Unicode or "ICU" extension to SQLite to be added to the build

Introspect PRAGMAS

sqlite_introspect

This option adds some extra PRAGMA statements.

PRAGMA function_list

PRAGMA module_list

PRAGMA pragma_list

JSON SQL Functions

sqlite_json

When this option is defined in the amalgamation, the JSON SQL functions are added to the build automatically

Secure Delete

sqlite_secure_delete

This compile-time option changes the default setting of the secure_delete pragma.

When this option is not used, secure_delete defaults to off. When this option is present, secure_delete defaults to on.

The secure_delete setting causes deleted content to be overwritten with zeros. There is a small performance penalty since additional I/O must occur.

On the other hand, secure_delete can prevent fragments of sensitive information from lingering in unused parts of the database file after it has been deleted. See the documentation on the secure_delete pragma for additional information

Windows

To compile this package on Windows OS you must have the gcc compiler installed.

1) Install a Windows gcc toolchain.
2) Add the bin folders to the Windows path if the installer did not do this by default.
3) Open a terminal for the TDM-GCC toolchain, can be found in the Windows Start menu.
4) Navigate to your project folder and run the go build ... command for this package.

User Authentication

Compile

To use the User authentication module the package has to be compiled with the tag sqlite_userauth. See Features.

Usage

Create protected database

To create a database protected by user authentication provide the following argument to the connection string _auth.
This will enable user authentication within the database. This option however requires two additional arguments:

_auth_user

_auth_pass

When _auth is present on the connection string user authentication will be enabled and the provided user will be created
as an admin user. After initial creation, the parameter _auth has no effect anymore and can be omitted from the connection string.

Password Encoding

The passwords within the user authentication module of SQLite are encoded with the SQLite function sqlite_cryp.
This function uses a ceasar-cypher which is quite insecure.
This library provides several additional password encoders which can be configured through the connection string.

The password cypher can be configured with the key _auth_crypt. And if the configured password encoder also requires an
salt this can be configured with _auth_salt.

Available Encoders

SHA1

SSHA1 (Salted SHA1)

SHA256

SSHA256 (salted SHA256)

SHA384

SSHA384 (salted SHA384)

SHA512

SSHA512 (salted SHA512)

Restrictions

Operations on the database regarding to user management can only be preformed by an administrator user.

Support

The user authentication supports two kinds of users

administrators

regular users

User Management

User management can be done by directly using the *SQLiteConn or by SQL.

SQL

The following sql functions are available for user management.

Function

Arguments

Description

authenticate

username string, password string

Will authenticate an user, this is done by the connection; and should not be used manually.

auth_user_add

username string, password string, admin int

This function will add an user to the database.if the database is not protected by user authentication it will enable it. Argument admin is an integer identifying if the added user should be an administrator. Only Administrators can add administrators.

auth_user_change

username string, password string, admin int

Function to modify an user. Users can change their own password, but only an administrator can change the administrator flag.

authUserDelete

username string

Delete an user from the database. Can only be used by an administrator. The current logged in administrator cannot be deleted. This is to make sure their is always an administrator remaining.

These functions will return an integer.

0 (SQLITE_OK)

23 (SQLITE_AUTH) Failed to perform due to authentication or insufficient privileges

Each connection to :memory: opens a brand new in-memory sql database, so if
the stdlib's sql engine happens to open another connection and you've only
specified ":memory:", that connection will see a brand new database. A
workaround is to use "file::memory:?mode=memory&cache=shared". Every
connection to this string will point to the same in-memory database.